Skip to content

Uploads and Storage

Uploads and storage turn a file sent by a browser or client into a database file record plus an object in a storage driver. This area is highly affected by reverse proxies, CORS, object storage, and follower-node topology.

Capability Boundaries

CapabilityNotesRelated docs
Direct small-file uploadBrowser posts to primary; server writes to the target storageUploads and Large Files
Chunked uploadLocal chunk sessions, progress, resume, 24h session TTLUploads and Large Files
Object-storage presigned uploadBrowser PUTs directly to S3-compatible storage, Azure Blob SAS URLs, or Tencent COS; server verifies and finalizesUploads and Large Files, Storage Policies
Object-storage multipartBrowser uploads parts in batches; server completes and validates contentUploads and Large Files, S3 / MinIO / R2, Azure Blob Storage, Tencent COS
Microsoft Graph storageWrites files to OneDrive, SharePoint site drives, or Microsoft 365 group drives after administrator authorizationOneDrive, Storage Policies
SFTP storageServer-side streaming reads and writes to an SSH/SFTP file serverSFTP, Storage Policies
Storage policiesDecide whether files land on local, s3, sftp, azure_blob, tencent_cos, one_drive, or remoteStorage Policies
Policy groupsRoute by user, team, and file size to storage policiesStorage Policies
Follower storagePrimary writes objects to a follower; the follower stores them locally or in S3Follower Node Enrollment, Follower Node Storage Policy

Backend Modules

ModuleOwns
files::uploadUpload sessions, chunks, progress, status transitions
workspace::storage_coreBlob dedupe, file records, quota, policy choice, finalization
storage_policy::policyStorage policies, policy groups, rules
storage::traits, storage::drivers, storage::connectorsStorageDriver and StorageConnector abstractions, local, S3-compatible, SFTP, Azure Blob, Tencent COS, OneDrive, and remote drivers
storage::remote_protocolPrimary/follower internal remote storage protocol
remote::remote_node, remote::storage_targetFollower nodes and ingress targets
task::storage_migrationStorage migration tasks

Key Boundaries

  • Quota checks have two layers: fast-fail outside the transaction and authoritative checking inside the transaction.
  • Filename uniqueness, blob ref counts, and upload-session state transitions must use repository-level atomic helpers.
  • Whether presigned works depends on browser reachability to object storage or follower base_url, not only primary reachability.
  • A successful admin connection test only proves that the AsterDrive server can reach the backend. presigned upload / download still needs browser network and CORS checks for object storage, Azure Blob, or follower endpoints.
  • SFTP is a server-side streaming backend. Its operational checks are Endpoint, SSH credentials, base path, and host key fingerprint; browser CORS and presigned URLs are not involved.
  • Follower reverse_tunnel is suitable for relay_stream, not browser-direct presigned.

Troubleshooting Direction

  • Small files upload but large files fail: check reverse proxy body size, timeout, temporary directories, and chunk size.
  • relay_stream works but presigned fails: check CORS, browser network, and endpoint reachability.
  • Connection test fails: read the backend diagnostic first. Storage diagnostics are returned in the standard error response as error.diagnostic.message.
  • Follower storage fails: check node enabled state, transport mode, default ingress target, and protocol capabilities.
  • Quota or blob references drift: run a deep check with Operations CLI.

Released under the MIT License